import pool from '@/lib/db';
import crypto from 'crypto';

export async function POST(req) {
  const { email } = await req.json();
  if (!email) {
    return Response.json({ error: '参数不完整' }, { status: 400 });
  }
  const { rows } = await pool.query('SELECT id FROM users WHERE email = $1', [email]);
  const user = rows[0];
  if (!user) {
    return Response.json({ error: '用户不存在' }, { status: 404 });
  }
  // 生成重置token
  const token = crypto.randomBytes(32).toString('hex');
  const expires = new Date(Date.now() + 1000 * 60 * 30); // 30分钟有效
  await pool.query('INSERT INTO password_reset_tokens (user_id, token, expires) VALUES ($1, $2, $3)', [user.id, token, expires]);
  // 伪发送邮件（实际应集成邮件服务）
  console.log(`重置链接：http://localhost:3001/reset-password?token=${token}`);
  return Response.json({ success: true });
} 